[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] radius help
Hi, I have done some further troubleshooting. I see the RAIDUS packets from port 1645 that originate from firewall to RADIUS server received reject. But behind the LAN on a different machine in the same subnet, I received accept. My firewall is set to allow outgoing traffic. Are there other properties that I need to set in NG FP3? Regards, Norman ----- Original Message ----- From: "Norman Zhang" <[email protected]> To: <[email protected]> Sent: Monday, March 03, 2003 5:45 PM Subject: [FW-1] radius help Hi, I had this working in 4.1 but I can't get RADIUS to work in NG FP3. I installed IAS from NT 4.0 Option Pack then applied midcamp.exe and iassp6-x86.exe from MS. My firewall rule is localusers@LAN -->any-->any-->http-->user authentication The RADIUS clients file is setup as FWIntIP mySecret and users as DEFAULT Internal-Proxy-Server = "DLL C:\Program Files\IAS\authsam.dll" Framed-Protocol = PPP Framed-Routing = Send Service-Type = Framed Event Viewer displays the following with Event ID: 8207, Source: AuthSrv, Type: Warning, Category: Malformed Packet Unknown Client: Source = FWIntIP:2912 Code = Access-Request Identifier = 64 User-Name = InternalUser Password = ****** Service-Type = Authenticate-Only NAS-IP-Address = FwExtIP Would someone please give some pointers here? Regards, Norman --- Hi, I have a RADIUS on a NT 4.0 BDC. I need to able to authenticate NG FP3 with the RADIUS, but I seem to forget what settings that I need to change the users file. I tried to follow, DEFAULT Auth-Type = System, User-Service-Type = Login-User as described in http://www.phoneboy.com/fom/fom.pl?_highlightWords=radius&file=435. But those two attributes does not seem to exist in RADIUS (I'm using the one came with NT 4.0 Option Pack (with appropriate fixes). Does anyone remember what I need to change in the configuration file to get this working? ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|